2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647
3 https://bugs.python.org/issue34623
6 https://github.com/python/cpython/commit/f7666e828cc3d5873136473ea36ba2013d624fa1
8 diff --git Include/pyexpat.h Include/pyexpat.h
9 index 44259bf6d7..07020b5dc9 100644
14 /* note: you must import expat.h before importing this module! */
16 -#define PyExpat_CAPI_MAGIC "pyexpat.expat_CAPI 1.0"
17 +#define PyExpat_CAPI_MAGIC "pyexpat.expat_CAPI 1.1"
18 #define PyExpat_CAPSULE_NAME "pyexpat.expat_CAPI"
21 @@ -48,6 +48,8 @@ struct PyExpat_CAPI
22 enum XML_Status (*SetEncoding)(XML_Parser parser, const XML_Char *encoding);
23 int (*DefaultUnknownEncodingHandler)(
24 void *encodingHandlerData, const XML_Char *name, XML_Encoding *info);
25 + /* might be none for expat < 2.1.0 */
26 + int (*SetHashSalt)(XML_Parser parser, unsigned long hash_salt);
27 /* always add new stuff to the end! */
30 diff --git Modules/_elementtree.c Modules/_elementtree.c
31 index 707ab2912b..53f05f937f 100644
32 --- Modules/_elementtree.c
33 +++ Modules/_elementtree.c
34 @@ -3261,6 +3261,11 @@ _elementtree_XMLParser___init___impl(XMLParserObject *self, PyObject *html,
38 + /* expat < 2.1.0 has no XML_SetHashSalt() */
39 + if (EXPAT(SetHashSalt) != NULL) {
40 + EXPAT(SetHashSalt)(self->parser,
41 + (unsigned long)_Py_HashSecret.expat.hashsalt);
46 diff --git Modules/pyexpat.c Modules/pyexpat.c
47 index 47c3e86c20..aa21d93c11 100644
50 @@ -1887,6 +1887,11 @@ MODULE_INITFUNC(void)
51 capi.SetStartDoctypeDeclHandler = XML_SetStartDoctypeDeclHandler;
52 capi.SetEncoding = XML_SetEncoding;
53 capi.DefaultUnknownEncodingHandler = PyUnknownEncodingHandler;
54 +#if XML_COMBINED_VERSION >= 20100
55 + capi.SetHashSalt = XML_SetHashSalt;
57 + capi.SetHashSalt = NULL;
60 /* export using capsule */
61 capi_object = PyCapsule_New(&capi, PyExpat_CAPSULE_NAME, NULL);